tesseras-paste - Decentralized pastebin built on tesseras-dht

	Commit message (Collapse)	Author	Age	Files	Lines
*	Limit stdin read in tp, bound protocol drain, document Arc leak	murilo ijanc	2026-03-25	3	-11/+30
\| \| \| \| \| \| \| \|	- tp: limit stdin to 64 KiB + 1 byte to reject oversized pastes early without unbounded memory allocation - daemon: bound the oversized-line drain to MAX_LINE_SIZE so a client without newlines cannot block beyond the read timeout - tpd: document intentional Arc::into_raw leak in signal handler
*	Harden identity key permissions, atomic writes, and HTTP method	murilo ijanc	2026-03-25	3	-8/+42
\| \| \| \| \| \| \| \| \|	- Write identity.key with mode 0600 to prevent other users from reading the Ed25519 private seed - Use destination filename in atomic_write temp path to avoid collisions between concurrent writes to different files - Reject HTTP methods other than GET/HEAD with 405 - Return "Hello Tesseras World" on GET /
*	Add missing pledge promises (drm, prot_exec) and source reference	murilo ijanc	2026-03-25	1	-10/+46
\| \| \| \| \|	Add reference to pledgereq[] in /usr/src/sys/kern/kern_pledge.c and include drm and prot_exec that were missing from the list.
*	Fix clippy warnings: needless borrow and collapsible if	murilo ijanc	2026-03-25	2	-10/+10
\|
*	Log socket setup errors in Unix client handler	murilo ijanc	2026-03-25	1	-2/+8
\| \| \| \| \|	Warn when set_nonblocking or set_read_timeout fails instead of silently disconnecting the client.
*	Handle HTTP connections in separate threads with cap of 8	murilo ijanc	2026-03-25	1	-2/+26
\| \| \| \| \| \|	A slow connection or DHT lookup (up to 30s) no longer blocks the entire HTTP accept loop. Connections beyond the limit get a 503 response.
*	Exit early if data directory cannot be created	murilo ijanc	2026-03-25	1	-2/+8
\| \| \| \| \|	Report the actual error instead of silently ignoring it and failing later with a confusing message in PasteStore::open.
*	Fix critical data integrity and security issues	murilo ijanc	2026-03-25	4	-15/+59
\| \| \| \| \| \| \| \| \| \|	- Atomic writes in store (write-to-temp + rename) to prevent corruption on crash - Validate DHT results against requested content hash to reject forged data from malicious nodes - Limit protocol line size to 128 KiB on Unix socket to prevent memory exhaustion - Use saturating_add for TTL expiry to prevent u64 overflow
*	Add pledge(2) and unveil(2) sandboxing for tp and tpd	murilo ijanc	2026-03-25	3	-0/+102
\| \| \| \| \| \| \|	tpd: unveil data dir (rwc), resolv.conf (r) when DNS needed, then pledge stdio rpath wpath cpath fattr inet unix dns. tp: unveil socket path (rw), then pledge stdio unix rpath.
*	Add DNS SRV bootstrap discovery for automatic peer finding	murilo ijanc	2026-03-25	2	-4/+362
\| \| \| \| \| \|	tpd now queries _tesseras._udp.tesseras.net SRV records to discover bootstrap peers when no -b flag is given. Add -n flag to disable this automatic discovery for seed/isolated nodes.
*	Initial commit: tesseras-paste decentralized pastebin	murilo ijanc	2026-03-25	9	-0/+1963
	DHT-backed encrypted pastebin with two binaries (tp/tpd), XChaCha20-Poly1305 encryption, content-addressed storage, and Unix socket + HTTP interfaces.